linux/arch/powerpc/platforms
Libor Pechacek a83836dbc5 powerpc/pseries: Avoid NULL pointer dereference when drmem is unavailable
In guests without hotpluggable memory the drmem structure is only zero
initialized. Trying to manipulate DLPAR parameters results in a crash.

  $ echo "memory add count 1" > /sys/kernel/dlpar
  Oops: Kernel access of bad area, sig: 11 [#1]
  LE PAGE_SIZE=64K MMU=Hash SMP NR_CPUS=2048 NUMA pSeries
  ...
  NIP:  c0000000000ff294 LR: c0000000000ff248 CTR: 0000000000000000
  REGS: c0000000fb9d3880 TRAP: 0300   Tainted: G            E      (5.5.0-rc6-2-default)
  MSR:  8000000000009033 <SF,EE,ME,IR,DR,RI,LE>  CR: 28242428  XER: 20000000
  CFAR: c0000000009a6c10 DAR: 0000000000000010 DSISR: 40000000 IRQMASK: 0
  ...
  NIP dlpar_memory+0x6e4/0xd00
  LR  dlpar_memory+0x698/0xd00
  Call Trace:
    dlpar_memory+0x698/0xd00 (unreliable)
    handle_dlpar_errorlog+0xc0/0x190
    dlpar_store+0x198/0x4a0
    kobj_attr_store+0x30/0x50
    sysfs_kf_write+0x64/0x90
    kernfs_fop_write+0x1b0/0x290
    __vfs_write+0x3c/0x70
    vfs_write+0xd0/0x260
    ksys_write+0xdc/0x130
    system_call+0x5c/0x68

Taking a closer look at the code, I can see that for_each_drmem_lmb is a
macro expanding into `for (lmb = &drmem_info->lmbs[0]; lmb <=
&drmem_info->lmbs[drmem_info->n_lmbs - 1]; lmb++)`. When drmem_info->lmbs
is NULL, the loop would iterate through the whole address range if it
weren't stopped by the NULL pointer dereference on the next line.

This patch aligns for_each_drmem_lmb and for_each_drmem_lmb_in_range
macro behavior with the common C semantics, where the end marker does
not belong to the scanned range, and alters get_lmb_range() semantics.
As a side effect, the wraparound observed in the crash is prevented.

Fixes: 6c6ea53725 ("powerpc/mm: Separate ibm, dynamic-memory data from DT format")
Cc: stable@vger.kernel.org # v4.16+
Signed-off-by: Libor Pechacek <lpechacek@suse.cz>
Signed-off-by: Michal Suchanek <msuchanek@suse.de>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
Link: https://lore.kernel.org/r/20200131132829.10281-1-msuchanek@suse.de
2020-02-19 22:46:11 +11:00
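The loop-bound problem described in the commit message above, as an added user-space model (not code from the kernel or from the patch). The `struct lmb` layout, the signed `n_lmbs` field and all helper names are assumptions made for illustration; addresses are computed as integers so the wraparound can be observed without dereferencing anything.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-ins for the kernel structures; field layout is assumed. */
struct lmb { uint64_t base_addr; uint32_t drc_index; uint32_t flags; };
struct lmb_info { struct lmb *lmbs; int n_lmbs; };

/* Constructed inputs: a populated table and the zero-initialized one. */
static struct lmb four[4];
static const struct lmb_info populated = { four, 4 };
static const struct lmb_info unavailable = { NULL, 0 };

/* Address of element idx, computed on unsigned integers so the model wraps
 * like real address arithmetic without relying on out-of-bounds pointers. */
static uintptr_t elem_addr(const struct lmb_info *info, long idx)
{
    return (uintptr_t)info->lmbs + (uintptr_t)idx * sizeof(struct lmb);
}

/* Inclusive bound, as quoted in the commit message:
 * lmb <= &lmbs[n_lmbs - 1]. Returns elements visited, at most cap. */
static size_t visits_inclusive(const struct lmb_info *info, size_t cap)
{
    uintptr_t end = elem_addr(info, (long)info->n_lmbs - 1);
    size_t n = 0;
    for (uintptr_t p = elem_addr(info, 0); p <= end && n < cap; p += sizeof(struct lmb))
        n++;
    return n;
}

/* Half-open bound (end marker not part of the range): lmb < &lmbs[n_lmbs]. */
static size_t visits_exclusive(const struct lmb_info *info, size_t cap)
{
    uintptr_t end = elem_addr(info, info->n_lmbs);
    size_t n = 0;
    for (uintptr_t p = elem_addr(info, 0); p < end && n < cap; p += sizeof(struct lmb))
        n++;
    return n;
}

int main(void)
{
    printf("populated:   inclusive=%zu exclusive=%zu\n",
           visits_inclusive(&populated, 1000), visits_exclusive(&populated, 1000));
    printf("unavailable: inclusive=%zu exclusive=%zu\n",
           visits_inclusive(&unavailable, 1000), visits_exclusive(&unavailable, 1000));
    return 0;
}
```

With the zero-initialized table the inclusive form only stops at the cap, because its end address wraps to just below the top of the address space; the half-open form runs zero iterations.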
..
4xx powerpc: remove the ppc44x ocm.c file 2019-08-27 13:03:33 +10:00
8xx powerpc/8xx: use the fixmapped IMMR in cpm_reset() 2019-11-19 19:38:35 +11:00
40x powerpc updates for 5.3 2019-07-13 16:08:36 -07:00
44x powerpc: remove the ppc44x ocm.c file 2019-08-27 13:03:33 +10:00
52xx compat_ioctl: move WDIOC handling into wdt drivers 2019-10-23 17:23:46 +02:00
82xx treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
83xx ARM: SoC-related driver updates 2020-02-08 14:04:19 -08:00
85xx ARM: SoC-related driver updates 2020-02-08 14:04:19 -08:00
86xx powerpc/sysdev: drop simple gpio 2019-11-21 15:41:34 +11:00
512x powerpc/512x: Use dma_request_chan() instead dma_request_slave_channel() 2020-01-06 16:25:29 +11:00
amigaone treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
cell Merge branch 'merge.nfs-fs_parse.1' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2020-02-08 13:26:41 -08:00
chrp treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
embedded6xx treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
maple powerpc updates for 5.6 2020-02-04 13:06:46 +00:00
pasemi arch/powerpc/setup: Drop dummy_con initialization 2020-01-14 15:29:17 +01:00
powermac powerpc updates for 5.3 2019-07-13 16:08:36 -07:00
powernv powerpc/powernv: Move core and fadump_release_opalcore under new kobject 2020-02-19 21:07:10 +11:00
ps3 arch/powerpc/setup: Drop dummy_con initialization 2020-01-14 15:29:17 +01:00
pseries powerpc/pseries: Avoid NULL pointer dereference when drmem is unavailable 2020-02-19 22:46:11 +11:00
fsl_uli1575.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
Kconfig powerpc/64s: Reimplement power4_idle code in C 2020-01-16 14:59:37 +10:00
Kconfig.cputype powerpc/32: Force KASAN_VMALLOC for modules 2020-01-27 22:37:41 +11:00
Makefile powerpc: Add -Werror at arch/powerpc level 2018-10-19 00:56:17 +11:00